Backend and frontend refactored to use new Samba and storage functionality

2025-03-21 18:50:38 +03:00 · 2019-12-19 16:48:29 +04:00 · 2019-12-19 16:48:29 +04:00 · ac5345de3e
commit ac5345de3e
parent 17154b5611
4 changed files with 51 additions and 61 deletions
--- a/gpoa/backend/init.py
+++ b/gpoa/backend/init.py
@ -1,8 +1,21 @@
+import logging
+
+from util.windows import smbcreds
 from .samba_backend import samba_backend

-def backend_factory(loadparm, creds, sid, dc, username):
+def backend_factory(dc, username):
    '''
    Return one of backend objects
    '''
-    return samba_backend(loadparm, creds, sid, dc, username)
+    sc = smbcreds()
+    result_dc = sc.select_dc(dc)
+    domain = sc.get_domain(result_dc)
+    back = None
+
+    try:
+        back = samba_backend(sc, result_dc, username, domain)
+    except Exception as exc:
+        logging.error('Unable to initialize Samba backend')
+
+    return back

--- a/gpoa/backend/samba_backend.py
+++ b/gpoa/backend/samba_backend.py
@ -12,27 +12,27 @@ import util.preg
 class samba_backend(applier_backend):
    __default_policy_path = '/usr/share/local-policy/default'

-    def __init__(self, loadparm, creds, dc, username, domain):
+    def __init__(self, sambacreds, dc, username, domain):
+        self.storage = registry_factory('registry')
+        self.storage.set_info('domain', domain)
+        self.storage.set_info('machine_name', util.get_machine_name())
+        self.storage.set_info('machine_sid', util.get_sid(domain, self.storage.get_info('machine_name')))
+
        # User SID to work with HKCU hive
        self.username = username
-        self.domain = domain
        self._is_machine_username = util.is_machine_name(self.username)
-        self.sid = util.get_sid(self.domain, self.username)
-        if not self._is_machine_username:
-            self.machine_sid = util.get_sid(domain, util.get_machine_name())
-        else:
-            self.machine_sid = self.sid
+        self.sid = util.get_sid(self.storage.get_info('domain'), self.username)

-        self.storage = registry_factory('registry')
        self.cache = cache_factory('regpol_cache')
        self.gpo_names = cache_factory('gpo_names')

        # Samba objects - LoadParm() and CredentialsOptions()
-        self.loadparm = loadparm
-        self.creds = creds
+        self.sambacreds = sambacreds
+        self.loadparm = sambacreds.lp
+        self.creds = sambacreds.creds
        self.dc = dc

-        self.cache_dir = self.loadparm.get('cache directory')
+        self.cache_dir = self.sambacreds.get_cache_dir()
        logging.debug('Cache directory is: {}'.format(self.cache_dir))

    def retrieve_and_store(self):
@ -40,7 +40,7 @@ class samba_backend(applier_backend):
        Retrieve settings and strore it in a database
        '''
        # Get policies for machine at first.
-        machine_gpts = self._get_gpts(util.get_machine_name(), self.machine_sid)
+        machine_gpts = self._get_gpts(util.get_machine_name(), self.storage.get_info('machine_sid'))
        for gptobj in machine_gpts:
            gptobj.merge()

@ -49,7 +49,7 @@ class samba_backend(applier_backend):
        if not self._is_machine_username:
            user_gpts = self._get_gpts(self.username, self.sid)
            for gptobj in user_gpts:
-                gptobj.merge(self.sid)
+                gptobj.merge()

    def _check_sysvol_present(self, gpo):
        '''
@ -63,32 +63,19 @@ class samba_backend(applier_backend):
    def _get_gpts(self, username, sid):
        gpts = list()

-        try:
-            gpos = util.get_gpo_list(self.dc, self.creds, self.loadparm, username)
-
-            # GPT replication function
-            try:
-                check_refresh_gpo_list(self.dc, self.loadparm, self.creds, gpos)
-            except:
-                logging.error('Unable to replicate GPTs from {} for {}'.format(self.dc, username))
-
-            for gpo in gpos:
-                if self._check_sysvol_present(gpo):
-                    logging.debug('Found SYSVOL entry {} for GPO {}'.format(gpo.file_sys_path, gpo.name))
-                    path = check_safe_path(gpo.file_sys_path).upper()
-                    gpt_abspath = os.path.join(self.cache_dir, 'gpo_cache', path)
-                    print('Creating GPT object')
-                    obj = gpt(gpt_abspath, sid)
-                    obj.set_name(gpo.name)
-                    print(obj)
-                    logging.debug('Path: {}'.format(path))
-                    gpts.append(obj)
-                else:
-                    if 'Local Policy' == gpo.name:
-                        gpts.append(get_local_gpt(sid))
-        except Exception as exc:
-            print(exc)
-            logging.error('Error fetching GPO list from {} for {}'.format(self.dc, username))
+        gpos = self.sambacreds.update_gpos(self.dc, username)
+        for gpo in gpos:
+            if self._check_sysvol_present(gpo):
+                logging.debug('Found SYSVOL entry {} for GPO {}'.format(gpo.file_sys_path, gpo.name))
+                path = check_safe_path(gpo.file_sys_path).upper()
+                logging.debug('Path: {}'.format(path))
+                gpt_abspath = os.path.join(self.cache_dir, 'gpo_cache', path)
+                obj = gpt(gpt_abspath, sid)
+                obj.set_name(gpo.display_name)
+                gpts.append(obj)
+            else:
+                if 'Local Policy' == gpo.name:
+                    gpts.append(get_local_gpt(sid))

        print('GPTs found:')
        for gptobj in gpts:
--- a/gpoa/frontend/init.py
+++ b/gpoa/frontend/init.py
@ -10,10 +10,10 @@ import util
 import logging

 class applier:
-    def __init__(self, username, domain):
+    def __init__(self, username):
        self.storage = registry_factory('registry')
        self.username = username
-        self.sid = util.get_sid(domain, self.username)
+        self.sid = util.get_sid(self.storage.get_info('domain'), self.username)

        self.appliers = dict({
            'control':  control_applier(self.storage),
--- a/gpoa/main.py
+++ b/gpoa/main.py
@ -2,14 +2,11 @@

 import argparse

-# Facility to determine GPTs for user
-import optparse
-from samba import getopt as options
-
 # Our native control facility
 import util
 from backend import backend_factory
 import frontend
+from plugin import plugin_manager

 # Remove print() from code
 import logging
@ -32,31 +29,24 @@ def parse_arguments():

 class gpoa_controller:
    __kinit_successful = False
-    __parser = optparse.OptionParser('GPO Applier')
    __args = None
-    __sambaopts = options.SambaOptions(__parser)
-    __credopts = options.CredentialsOptions(__parser)
-    # Initialize loadparm context
-    __lp = __sambaopts.get_loadparm()
-    __creds = __credopts.get_credentials(__lp, fallback_machine=True)

    def __init__(self):
        self.__kinit_successful = util.machine_kinit()
        self.__args = parse_arguments()

-        # Determine the default Samba DC for replication and try
-        # to overwrite it with user setting.
-        dc = util.select_dc(self.__lp, self.__creds, self.__args.dc)
-
        username = self.__args.user
-        domain = util.get_domain_name(self.__lp, self.__creds, dc)

-        back = backend_factory(self.__lp, self.__creds, dc, username, domain)
-        back.retrieve_and_store()
+        back = backend_factory(self.__args.dc, username)
+        if back:
+            back.retrieve_and_store()

-        appl = frontend.applier(username, domain)
+        appl = frontend.applier(username)
        appl.apply_parameters()

+        pm = plugin_manager()
+        pm.run()
+
 def main():
    controller = gpoa_controller()